If you wish to use Cloudflare for DNS ONLY, you can configure it just like any other DNS provider, and simply follow the steps for adding a custom domain as usual.
WARNING: Your domain DNS entry must have a GRAY cloud, not an ORANGE (proxied) cloud next to the entry.
Even though Elest.io automatically provides SSL and has a firewall, there can be advantages to using Cloudflare for Proxying traffic, notably DDoS attacks and automatic filtering of scripted attacks.
Note: Cloudflare only proxies traffic on certain ports. If you want to use this hostname for SSH, FTP, or other services whose ports are not listed in the above link, you must configure Cloudflare to provide DNS only or use Cloudflare's Spectrum offer.
Because Elest.io already creates an SSL certificate for your website trusted by a root CA, the recommended configuration is to set Cloudflare to use Strict SSL verification when connecting to your server.
Before continuing, ensure you have already configured the domains as per the instructions on the previous page.
Option 1: To set up strict SSL verification for your whole domain:
Option 2: To set up strict SSL verification for a specific subdomain:
- In your domain's dashboard, navigate to
Rules > Configuration Rulesand click
- Name your rule, and configure the incoming request filters.
3. Configure the SSL to
Option 3: Manual configuration (Advanced)
If you need a custom implementation, you can disable the creation of an SSL certificate with the following steps.
Create a CNAME record for your Cloudflare entry and point to the CNAME provided for that service in the Elestio dashboard.
These changes can be overwritten in the future if you modify the list of domains via the Elest.io dashboard.
1) Connect to the VM with SSH and type this:
there remove your domain from the first line and save with CTRL+X
then type this command:
docker-compose up -d;
After that, nginx won't try again to obtain an SSL certificate for your domain.